Synopsys is working to make it easier for security teams to align their strategy across different projects, teams, and application security testing (AST) tools. They have released the Synopsys Software Risk Manager, which brings together security testing engines with policy-driven test orchestration and vulnerability management.
According to Synopsys, Software Risk Manager allows teams to centrally define and enforce their security policies, which can have specific parameters for testing and managing vulnerabilities.
It also allows for the consolidation of different security tools, which helps to unify the user experience for testing and security teams, the company explained.
Reporting can also be consolidated across different projects, teams, and tools, and this provides a big-picture view of security risks.
In addition, teams can integrate Software Risk Manager with other tools in their toolchain, enabling quick onboarding of existing projects.
“Application security programs need to be effective and efficient at reducing software risk in order to deliver value,” said Jason Schmitt, general manager of Synopsys’ Software Integrity Group. “Many organizations embracing digital transformation are struggling with the complexity and operational costs of managing their software risk at scale. Synopsys Software Risk Manager provides teams with a holistic view of their application security posture while accelerating time to value and reducing the overall cost of their AppSec programs.”